syscallcompat: deduplicate OpenatUser/MknodatUser/SymlinkatUser/Mkdir…

…atUser Turns out the whole euid switching logic can be shared when wrapping the syscall in a closure.
rfjakob · May 22, 2021 · cb4f9f9 · cb4f9f9
1 parent 0650a51
commit cb4f9f9
Showing 1 changed file with 35 additions and 74 deletions.
diff --git a/internal/syscallcompat/sys_linux.go b/internal/syscallcompat/sys_linux.go
@@ -91,11 +91,9 @@ func getSupplementaryGroups(pid uint32) (gids []int) {
 	return nil
 }
 
-// OpenatUser runs the Openat syscall in the context of a different user.
-//
-// It switches the current thread to the new user, performs the syscall,
-// and switches back.
-func OpenatUser(dirfd int, path string, flags int, mode uint32, context *fuse.Context) (fd int, err error) {
+// asUser runs the function `f` under the effective uid, gid, groups specified
+// in `context`.
+func asUser(f func() (int, error), context *fuse.Context) (int, error) {
 	if context != nil {
 		runtime.LockOSThread()
 		defer runtime.UnlockOSThread()
@@ -107,7 +105,7 @@ func OpenatUser(dirfd int, path string, flags int, mode uint32, context *fuse.Co
 		//
 		// We now use unix.{Setgroups,Setregid,Setreuid} instead.
 
-		err = unix.Setgroups(getSupplementaryGroups(context.Pid))
+		err := unix.Setgroups(getSupplementaryGroups(context.Pid))
 		if err != nil {
 			return -1, err
 		}
@@ -125,8 +123,18 @@ func OpenatUser(dirfd int, path string, flags int, mode uint32, context *fuse.Co
 		}
 		defer unix.Setreuid(-1, 0)
 	}
+	return f()
+}
 
-	return Openat(dirfd, path, flags, mode)
+// OpenatUser runs the Openat syscall in the context of a different user.
+//
+// It switches the current thread to the new user, performs the syscall,
+// and switches back.
+func OpenatUser(dirfd int, path string, flags int, mode uint32, context *fuse.Context) (fd int, err error) {
+	f := func() (int, error) {
+		return Openat(dirfd, path, flags, mode)
+	}
+	return asUser(f, context)
 }
 
 // Mknodat wraps the Mknodat syscall.
@@ -138,30 +146,12 @@ func Mknodat(dirfd int, path string, mode uint32, dev int) (err error) {
 //
 // See OpenatUser() for how this works.
 func MknodatUser(dirfd int, path string, mode uint32, dev int, context *fuse.Context) (err error) {
-	if context != nil {
-		runtime.LockOSThread()
-		defer runtime.UnlockOSThread()
-
-		err = unix.Setgroups(getSupplementaryGroups(context.Pid))
-		if err != nil {
-			return err
-		}
-		defer unix.Setgroups(nil)
-
-		err = unix.Setregid(-1, int(context.Owner.Gid))
-		if err != nil {
-			return err
-		}
-		defer unix.Setregid(-1, 0)
-
-		err = unix.Setreuid(-1, int(context.Owner.Uid))
-		if err != nil {
-			return err
-		}
-		defer unix.Setreuid(-1, 0)
+	f := func() (int, error) {
+		err := Mknodat(dirfd, path, mode, dev)
+		return -1, err
 	}
-
-	return Mknodat(dirfd, path, mode, dev)
+	_, err = asUser(f, context)
+	return err
 }
 
 // Dup3 wraps the Dup3 syscall. We want to use Dup3 rather than Dup2 because Dup2
@@ -208,60 +198,31 @@ func FchmodatNofollow(dirfd int, path string, mode uint32) (err error) {
 //
 // See OpenatUser() for how this works.
 func SymlinkatUser(oldpath string, newdirfd int, newpath string, context *fuse.Context) (err error) {
-	if context != nil {
-		runtime.LockOSThread()
-		defer runtime.UnlockOSThread()
-
-		err = unix.Setgroups(getSupplementaryGroups(context.Pid))
-		if err != nil {
-			return err
-		}
-		defer unix.Setgroups(nil)
-
-		err = unix.Setregid(-1, int(context.Owner.Gid))
-		if err != nil {
-			return err
-		}
-		defer unix.Setregid(-1, 0)
-
-		err = unix.Setreuid(-1, int(context.Owner.Uid))
-		if err != nil {
-			return err
-		}
-		defer unix.Setreuid(-1, 0)
+	f := func() (int, error) {
+		err := Symlinkat(oldpath, newdirfd, newpath)
+		return -1, err
 	}
-
-	return Symlinkat(oldpath, newdirfd, newpath)
+	_, err = asUser(f, context)
+	return err
 }
 
 // MkdiratUser runs the Mkdirat syscall in the context of a different user.
 //
 // See OpenatUser() for how this works.
 func MkdiratUser(dirfd int, path string, mode uint32, caller *fuse.Caller) (err error) {
+	f := func() (int, error) {
+		err := Mkdirat(dirfd, path, mode)
+		return -1, err
+	}
+	// TODO: refactor MkdiratUser to take context instead of caller
+	var context *fuse.Context
 	if caller != nil {
-		runtime.LockOSThread()
-		defer runtime.UnlockOSThread()
-
-		err = unix.Setgroups(getSupplementaryGroups(caller.Pid))
-		if err != nil {
-			return err
-		}
-		defer unix.Setgroups(nil)
-
-		err = unix.Setregid(-1, int(caller.Gid))
-		if err != nil {
-			return err
-		}
-		defer unix.Setregid(-1, 0)
-
-		err = unix.Setreuid(-1, int(caller.Uid))
-		if err != nil {
-			return err
+		context = &fuse.Context{
+			Caller: *caller,
 		}
-		defer unix.Setreuid(-1, 0)
 	}
-
-	return Mkdirat(dirfd, path, mode)
+	_, err = asUser(f, context)
+	return err
 }
 
 func timesToTimespec(a *time.Time, m *time.Time) []unix.Timespec {